漏洞标题
N/A
漏洞描述信息
在Cisco Unified Communications Manager(CUCM)5.x和6.x在6.1(5)SU2之前、7.x在7.1(5b)SU2之前、8.x在8.0(3)之前以及Cisco Unified Contact Center Express(CUCM)和Cisco Unified IP Interactive Voice Response(Unified IP-IVR)在6.0(1)SR1ES8之前、7.0(x)在7.0(2)ES1之前、8.0(x)在8.0(2)SU3之前以及8.5(x)在8.5(1)SU2之前,通过构造的URL读取任意文件的漏洞,也被称为CSCth09343和CSCts44049。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Cisco 多个产品目录遍历的漏洞
漏洞描述信息
Cisco Unified Communications Manager(CUCM,Unified CM,CallManager)是美国思科(Cisco)公司的一款统一通信系统中的呼叫处理组件。该组件提供了一种可扩展、可分布和高可用的企业IP电话呼叫处理解决方案。Cisco Unified Contact Center Express是单节点和双节点呼叫中心服务器。Cisco Unified Interactive Voice Response是提供IP呼叫队列和IP智能音频回复的UCCX产品包。 多个思
CVSS信息
N/A
漏洞类别
路径遍历